{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30285e1a-9898-5961-9b2b-15e40736b3a5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-json-basic", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d721be82-6f37-561d-a52c-d8262ff6f4ba", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de0ae24c-43c8-5a36-b948-4e0c917e83a4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9aadd834-6ed8-5be9-9622-a86d8852f781", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75d32c96-6d76-56a3-9af8-ef57f0176431", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c6075cc-4581-538a-9afc-80f9ddfedcb1", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c783161-6b46-5af2-9dd3-f2b31a2e624b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3132ac0a-9382-53c6-b737-41f6d81f653e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4df3bbe-a660-56bf-84c9-19f40f9c3f2b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4f619ea-fc32-5ef5-8519-95dde9417416", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dab855b-5482-5040-bb0d-3c8effe23b21", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:185916af-cc23-5b43-95b2-4ef39249865b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83974257-f14b-548f-9751-0f77f1264561", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33cb89aa-a9e1-5365-a6e5-b6c80407cf63", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c339b0a-fec7-55b4-8448-253f7f051926", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04dc47f3-3dd6-522d-9d72-b886ae600253", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86718fac-0897-56ab-800d-88b3c9dff104", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:218fb6f8-3154-5453-a058-4a82132dfa08", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f47b1129-15ab-5eb7-9695-1e3dde89e386", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:decd9c7a-90d8-5744-a0dd-dd5eae464616", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:302dcf3c-7bb9-50be-953b-602be064acc7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf01d734-cb4e-543f-b204-7617b194b368", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97f33fe8-350c-52f0-af87-2eb565f44423", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33cc9b85-f4f0-514c-abcd-bc121830c3b2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:378bf8cf-6966-5e5c-aea0-d851c88b536f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0088c1f9-d584-5761-adf3-83b7a614dcbd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fd059d6-1eec-54ae-adec-f3b879c8bed6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ff0b4ba-4a3f-5b13-9973-e190c45178bf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4415da5-df9a-517b-ae46-18e4c48d5dfa", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e96ca4ba-9b62-52ce-a644-b8d6d14e4e49", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aac34fd-0641-5ae5-a420-f58a0f189368", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c61b1e3e-6f25-5ec3-addf-6cc68c8ceb23", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5811c43c-f992-512b-9586-58482c427966", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.11-tuxcare.1" } ] }